A Cybersecurity Thanksgiving
Bill Bernard
Entrepreneurial Cybersecurity Field CTO focused on driving high impact value based sales teams, meaningful customer interactions, and impactful messaging to match quality cybersecurity solutions with those who need them
I'm not Oprah, so no list of my favorite things so you can go shopping.
I'm not the President, so I won't be pardoning any turkeys.
And I don't work at WKRP, so I won't be reporting to you about flying turkeys.
So as a cybersecurity professional I figured I'd mark Thanksgiving in my own way, by sharing some of the things I'm thankful for with you all.
The beginning of the end for passwords
The quarterly (or monthly, depending on the paranoia level of your CISO) ritual of coming up with a new password, one that you haven't used in at least 10 quarters, that is not a password you've used for your bank account, LinkedIn, or any other website or system, and that has at lest 27 characters including at least one that you have to use an ASCII number code to represent it has had its day in the sun. Multi-factor authentication is now a common part of life for everyone, and has come a long way from the thick credit-card style tokens we handed out to those rare few employees who had access to the dial-in modem bank and that we had to replace way too often due to the propensity of men to put their wallets in their back pockets...
While it would be premature to call the password dead, it's importance is finally waning. I'm thankful to be in cybersecurity at a time when I can see that future, and I get to participate in it happening around me.
领英推荐
Our response to ransomware
Ransomware has been a scourge unleashed on a largely unsuspecting world over the past 3 years. The dollars lost, businesses, and lives impacted by ransomware border on being incomprehensible. It makes me long for the days of mere data breaches and lost customer records.
I would argue that nothing has done more in the past 10 years to drop the scales from the eyes of entire industries like ransomware has. Recognizing that even a farming co-op could be a target for destructive ransoms was a watershed moment for many. Colonial Pipeline's ransomware attack lead to congressional hearings, and you can see the direct line of cause and effect to changes in NATO, the US government, and cybersecurity programs at large. We're working fast and furiously to make our programs resilient against ransomware (and, by extension, a great many other common attacks as well) with the support of companies, government, and many other resources. cybersecurity programs are changing for the better due to this. At no time in my involvement in this industry has board-level interest been higher. At no time have we had a better opportunity to help companies make meaningful improvements in their programs, and that is a very good thing indeed. I'm thankful for these improvements and this new focus.
Cybersecurity people
OK, I'm biased here, but I really believe cybersecurity draws in so many of the best people. The neurodivergent who can focus on solving our esoteric problems in their way, and those smart enough to hire them and support them as they do so. The veterans, who are drawn to this industry at nearly 2x the rate they go to other industries. The people who want to make the world a better place and help others. The people who can spend all day listening to angry and scared users who need help to solve their problems. The people who are driven to this weird industry of ours, usually considered an afterthought in many organizations, with the pride to do their jobs well every day for the satisfaction that may only come from within. The security convention organizers who built some of the biggest names in annual conventions organically, as a way to build a community that we so desperately needed and continue to need. I couldn't ask for a better group of people to work with - industry wide.
Yes, we have our bad apples, our techbros, and the like. But the meat-grinder that is this industry quickly chews most of them up and flushes them back out. Those who remain are here because they choose to be. And we gather together (well, figuratively, anyway as so many of us work from home) to get the job done, often with far fewer people than we actually need. I'm thankful for the people who do this great work and form this great community.
Clearly, lots for a cybersecurity person to be thankful for. Happy Thanksgiving.